Enviar #846761: HdrHistogram 2.2.2 and earlier Improper Input Validationinformación

TítuloHdrHistogram 2.2.2 and earlier Improper Input Validation
DescripciónThe public method recordValueWithCount(long value, long count) in AbstractHistogram does not validate that the count parameter is positive. Passing negative values corrupts the histogram's internal state, including totalCount and individual bucket values. This allows an attacker who can influence the count parameter (e.g., through a metrics API or agent data receiver) to manipulate monitoring data, suppress SLA violations, or cause incorrect alerting decisions.
Fuente⚠️ https://github.com/HdrHistogram/HdrHistogram/issues/221
Usuario
 sara11h (UID 98571)
Sumisión2026-06-03 09:50 (hace 1 mes)
Moderación2026-07-04 06:40 (1 month later)
EstadoAceptado
Entrada de VulDB376281 [HdrHistogram hasta 2.2.2 AbstractHistogram AbstractHistogram.java recordValueWithCount Cantidad escalada de privilegios]
Puntos20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!